playbooks/certificate_expiry/easy-mode-upload.yaml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

# This example generates HTML and JSON reports and
#
# Copies of the generated HTML and JSON reports are uploaded to the masters,
# which is particularly useful when this playbook is run from a container.
#
# All certificates (healthy or not) are included in the results
#
# Optional environment variables to alter the behaviour of the playbook:
# CERT_EXPIRY_WARN_DAYS:  Length of the warning window in days (45)
# COPY_TO_PATH: path to copy reports to in the masters (/etc/origin/certificate_expiration_report)
---
- name: Generate certificate expiration reports
  hosts: nodes:masters:etcd
  gather_facts: no
  vars:
    openshift_certificate_expiry_save_json_results: yes
    openshift_certificate_expiry_generate_html_report: yes
    openshift_certificate_expiry_show_all: yes
    openshift_certificate_expiry_warning_days: "{{ lookup('env', 'CERT_EXPIRY_WARN_DAYS') | default('45', true) }}"
  roles:
    - role: openshift_certificate_expiry

- name: Upload reports to master
  hosts: masters
  gather_facts: no
  vars:
    destination_path: "{{ lookup('env', 'COPY_TO_PATH') | default('/etc/origin/certificate_expiration_report', true) }}"
    timestamp: "{{ lookup('pipe', 'date +%Y%m%d') }}"
  tasks:
    - name: Ensure that the target directory exists
      file:
        path: "{{ destination_path }}"
        state: directory
    - name: Copy the reports
      copy:
        dest: "{{ destination_path }}/{{ timestamp }}-{{ item }}"
        src: "/tmp/{{ item }}"
      with_items:
        - "cert-expiry-report.html"
        - "cert-expiry-report.json"